We are seeking an experienced Identity & Access Management (IAM) Security Architect Lead to drive the design, development, and implementation of enterprise-class IAM solutions across our organization. You will be the strategic and technical authority for all IAM architecture, ensuring our identity ecosystem is secure, scalable, and aligned with business needs.
As the IAM Security Architect Lead, you will also lead a small team of IAM engineers, providing technical guidance, mentoring, and ensuring successful project delivery. This is a hands-on leadership role, requiring both deep technical expertise and the ability to influence stakeholders across the business and IT functions.
Key Responsibilities
- Lead the end-to-end IAM architecture design, covering identity lifecycle management, authentication, authorization, privileged access management, secrets management, federation, and governance.
- Define and maintain IAM reference architectures, standards, and patterns aligned to security best practices and regulatory requirements.
- Partner with business, security, and IT teams to translate requirements into scalable IAM solutions.
- Oversee and guide proof-of-concept (POC) and proof-of-value (POV) initiatives for new IAM technologies.
- Lead the selection, integration, and optimization of IAM platforms (e.g., SailPoint, CyberArk, Ping Identity, Okta).
- Design and oversee secure integration with cloud and on-premises applications, APIs, and infrastructure.
- Provide technical leadership to a small team of IAM engineers, ensuring successful delivery of IAM projects.
- Stay ahead of emerging IAM trends, threats, and compliance requirements, recommending improvements as needed.
- Produce detailed low-level design (LLD) documents, architecture diagrams, and operational runbooks.
- Act as a trusted advisor on IAM to senior leadership and other technical domains.
Skills & Qualifications
- Bachelor's degree in Information Technology, Computer Science, Cybersecurity, or equivalent experience.
- 10+ years' experience in IAM, with at least 3 years in an architecture and leadership capacity.
- Proven expertise in IAM domains, including:
1) Identity lifecycle management
2) Authentication & Single Sign-On (SSO)
3) Multi-Factor Authentication (MFA)
4) Authorization models (RBAC, ABAC)
5) Privileged Access Management (PAM)
6) Secrets and certificate management
7) Federation & directory services (LDAP, AD, Azure AD)
- Strong knowledge of IAM protocols: SAML, OAuth, OpenID Connect, SCIM, LDAP.
- Hands-on experience with leading IAM platforms such as SailPoint, CyberArk, Ping Identity, Okta, ForgeRock or equivalent.
- Familiarity with cloud IAM (AWS IAM, Azure AD, GCP IAM).
- Strong leadership, mentoring, and team management skills.
- Excellent communication and stakeholder management abilities.
- Relevant certifications (e.g., CISSP, CISM, CISA, vendor IAM certifications) are highly desirable.
Morgan McKinley Pte Ltd
EA Licence No: 11C5502
EAP Registration No: R1106192